Aggregating AWS Health events across accounts

By default, you can use AWS Health to view the AWS Health events of a single AWS account. If you use AWS Organizations, you can also view AWS Health events centrally across your organization. This feature provides access to the same information as single account operations. You can use filters to view events in specific AWS Regions, accounts, and services.

You can aggregate events to identify accounts in your organization that are affected by an operational event or get notified for security vulnerabilities. You can then use this information to proactively manage and automate resource maintenance events across your organization. Use this feature to stay informed of upcoming changes to AWS services that might require updates or code changes.

It's a best practice to use the Delegated Administrator feature to delegate access to the AWS Health Organizational view to a member account. This makes it easier for operational teams to access the AWS Health events in your organization. The Delegated Administrator feature allows you to keep your management account restricted, while providing teams with the visibility that they need to act on AWS Health events.

Important

AWS Health doesn't record events that occurred in your organization before you enabled organizational view. For example, if a member account (111122223333) in your organization received an event for Amazon Elastic Compute Cloud (Amazon EC2) before you enabled this feature, this event won't appear in your organizational view.
AWS Health events that were sent for accounts in your organization will appear in organizational view as long as the event is available, up to 90 days, even if one or more of those accounts leave your organization.
Organizational events are available for 90 days before they're deleted. This quota can't be increased.

Prerequisites

Before you use organizational view, you must:

Be part of an organization with all features enabled.
Sign in to the management account as an AWS Identity and Access Management (IAM) user or assume an IAM role.

You can also sign in as the root user (not recommended) in your organization's management account. For more information, see Lock away your AWS account root user access keys in the IAM User Guide.
If you sign in as an IAM user, use an IAM policy that grants access to the AWS Health and Organizations actions, such as the AWSHealthFullAccess policy. For more information, see AWS Health identity-based policy examples.

Topics

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Security best practices

Enabling organizational view